Persuasive Office 365 Phishing Uses Fake Zoom Suspension Alerts

According to researchers at Abnormal Security, Microsoft Office 365 users are being targeted by a new phishing campaign using fake Zoom notifications to warn those who work in corporate environments that their Zoom accounts have been suspended, with the end goal of stealing Office 365 logins. So far the phishing campaign impersonating automated Zoom account suspension alerts has landed in over 50,000 mailboxes based on stats provided by researchers as email security company Abnormal Security who spotted these ongoing attacks. Those targeted by this campaign are a lot more willing to trust such emails during this time since the number of remote workers taking part in daily online meetings through video conferencing platforms such as Zoom has drastically increased due to stay-at-home orders or lockdowns caused by the pandemic.


EXPERTS COMMENTS
James McQuiggan, Security Awareness Advocate,  KnowBe4
July 10, 2020
Organisations with security awareness training programs focus on emails.
Cyber criminals are shifting their focus away from an email containing information about package deliveries or airline tickets to now fake calendar invites. This attack vector provides cyber criminals with another method to steal user credentials to either sell or leverage them to gain access to an organisation for additional reconnaissance or exploitation. Leveraging the human nature of fear of ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article